Breaking and provably repairing the SSH authenticated encryption scheme
From MaRDI portal
Publication:3546458
DOI10.1145/996943.996945zbMATH Open1291.94056OpenAlexW2108855216WikidataQ122704969 ScholiaQ122704969MaRDI QIDQ3546458FDOQ3546458
Authors: M. Bellare, Tadayoshi Kohno, Chanathip Namprempre 
Publication date: 21 December 2008
Published in: ACM Transactions on Information and System Security (Search for Journal in Brave)
Full work available at URL: https://doi.org/10.1145/996943.996945
Recommendations
- Plaintext-dependent decryption: a formal security treatment of SSH-CTR
- scientific article; zbMATH DE number 1842499
- From stateless to stateful: generic authentication and authenticated encryption constructions with application to TLS
- Analysis of the SSH key exchange protocol
- Authenticated encryption: relations among notions and analysis of the generic composition paradigm
Cited In (18)
- Secure communication channel establishment: TLS 1.3 (over TCP Fast Open) versus QUIC
- Analysis of the SSH key exchange protocol
- Title not available (Why is that?)
- Jammin' on the deck
- New proofs for NMAC and HMAC: security without collision resistance
- Robust channels: handling unreliable networks in the record layers of QUIC and DTLS 1.3
- Authenticated confidential channel establishment and the security of TLS-DHE
- On the security aspects of protocol CRISP
- Authenticated encryption with small stretch (or, how to accelerate AERO)
- Plaintext-dependent decryption: a formal security treatment of SSH-CTR
- On symmetric encryption with distinguishable decryption failures
- The memory-tightness of authenticated encryption
- Cryptanalysis of the EPBC Authenticated Encryption Mode
- Authenticated encryption: relations among notions and analysis of the generic composition paradigm
- Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment
- Decrypting without keys: the case of the GlobalPlatform SCP02 protocol
- Data is a stream: security of stream-based channels
- Cryptography in Theory and Practice: The Case of Encryption in IPsec
This page was built for publication: Breaking and provably repairing the SSH authenticated encryption scheme
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q3546458)
